1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.kernel.servlet;
24  
25  import com.liferay.portal.kernel.log.Log;
26  import com.liferay.portal.kernel.log.LogFactoryUtil;
27  import com.liferay.portal.kernel.util.GetterUtil;
28  
29  import java.io.Serializable;
30  
31  import javax.servlet.ServletContext;
32  import javax.servlet.http.HttpSession;
33  import javax.servlet.http.HttpSessionAttributeListener;
34  import javax.servlet.http.HttpSessionBindingEvent;
35  
36  /**
37   * <a href="SerializableSessionAttributeListener.java.html"><b><i>View Source
38   * </i></b></a>
39   *
40   * @author Bruno Farache
41   */
42  public class SerializableSessionAttributeListener
43      implements HttpSessionAttributeListener {
44  
45      public void attributeAdded(HttpSessionBindingEvent event) {
46          String name = event.getName();
47          Object value = event.getValue();
48  
49          if (!(value instanceof Serializable)) {
50              _log.error(
51                  value.getClass().getName() +
52                      " is not serializable and will prevent this session from " +
53                          "being replicated");
54  
55              if (_requiresSerializable == null) {
56                  HttpSession session = event.getSession();
57  
58                  ServletContext servletContext = session.getServletContext();
59  
60                  _requiresSerializable = Boolean.valueOf(
61                      GetterUtil.getBoolean(
62                          servletContext.getInitParameter(
63                              "session-attributes-requires-serializable")));
64              }
65  
66              if (_requiresSerializable) {
67                  HttpSession session = event.getSession();
68  
69                  session.removeAttribute(name);
70              }
71          }
72      }
73  
74      public void attributeRemoved(HttpSessionBindingEvent event) {
75      }
76  
77      public void attributeReplaced(HttpSessionBindingEvent event) {
78          attributeAdded(event);
79      }
80  
81      private static Log _log =
82          LogFactoryUtil.getLog(SerializableSessionAttributeListener.class);
83  
84      private Boolean _requiresSerializable;
85  
86  }